toolcraft 0.0.5 → 0.0.7

package/node_modules/auth-store/dist/provider-store.js

@@ -0,0 +1,28 @@
+export function key(providerId) {
+    return `provider:${providerId}`;
+}
+export class MigratingSecretStore {
+    store;
+    legacyStore;
+    constructor(store, legacyStore = null) {
+        this.store = store;
+        this.legacyStore = legacyStore;
+    }
+    async get() {
+        const value = await this.store.get();
+        if (value !== null || !this.legacyStore) {
+            return value;
+        }
+        const legacyValue = await this.legacyStore.get();
+        if (legacyValue !== null) {
+            await this.store.set(legacyValue);
+        }
+        return legacyValue;
+    }
+    async set(value) {
+        return this.store.set(value);
+    }
+    async delete() {
+        return this.store.delete();
+    }
+}

package/node_modules/auth-store/dist/types.d.ts

@@ -0,0 +1,20 @@
+import type { EncryptedFileStoreInput } from "./encrypted-file-store.js";
+import type { KeychainStoreInput } from "./keychain-store.js";
+export interface SecretStore {
+    get(): Promise<string | null>;
+    set(value: string): Promise<void>;
+    delete(): Promise<void>;
+}
+export type StoreBackend = "file" | "keychain";
+export interface CreateSecretStoreInput {
+    backend?: StoreBackend;
+    env?: NodeJS.ProcessEnv;
+    platform?: NodeJS.Platform;
+    backendEnvVar?: string;
+    fileStore?: EncryptedFileStoreInput;
+    keychainStore?: KeychainStoreInput;
+}
+export interface CreateSecretStoreResult {
+    store: SecretStore;
+    backend: StoreBackend;
+}

package/node_modules/auth-store/dist/types.js

@@ -0,0 +1 @@
+export {};

package/node_modules/auth-store/package.json

@@ -0,0 +1,25 @@
+{
+  "name": "auth-store",
+  "version": "0.0.1",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "scripts": {
+    "build": "tsc"
+  },
+  "dependencies": {},
+  "files": [
+    "dist"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/poe-platform/poe-code.git",
+    "directory": "packages/auth-store"
+  }
+}

package/node_modules/mcp-oauth/README.md

@@ -0,0 +1,31 @@
+# mcp-oauth
+
+OAuth client primitives for MCP HTTP transports.
+
+## Config
+
+`createDefaultOAuthClientProvider(options)` accepts:
+
+- `client`
+  - `mode: "dynamic"` with optional `metadata`
+  - `mode: "static"` with `clientId`, optional `clientSecret`, optional `metadata`
+- `browser.openBrowser(url)`
+- `browser.readLine()` optional
+- `browser.createServer()` optional
+- `browser.landingPage` optional
+- `sessionStore` optional
+- `authStore` optional `auth-store` backend config for the default session store
+- `now()` optional clock override
+
+`createJwksTokenVerifier(options)` accepts:
+
+- `jwksUrl`
+- `clockSkewSeconds` optional, defaults to `30`
+- `allowedAlgorithms` optional asymmetric allow-list
+- `fetch` optional override
+
+`createAuthStoreSessionStore(options)` accepts the standard `auth-store` config.
+
+## Environment Variables
+
+None directly. When `authStore` is used, `auth-store` honors its own backend env var configuration.

package/node_modules/mcp-oauth/dist/client/auth-store-session-store.d.ts

@@ -0,0 +1,14 @@
+import { type CreateSecretStoreInput } from "auth-store";
+import type { OAuthSessionStore } from "./types.js";
+interface StoredOAuthClient {
+    clientId: string;
+    clientSecret?: string;
+}
+export interface OAuthClientStore {
+    load(issuer: string): Promise<StoredOAuthClient | null>;
+    save(issuer: string, client: StoredOAuthClient): Promise<void>;
+    clear(issuer: string): Promise<void>;
+}
+export declare function createAuthStoreSessionStore(options?: CreateSecretStoreInput): OAuthSessionStore;
+export declare function createAuthStoreClientStore(options: CreateSecretStoreInput): OAuthClientStore;
+export {};

package/node_modules/mcp-oauth/dist/client/auth-store-session-store.js

@@ -0,0 +1,97 @@
+import crypto from "node:crypto";
+import path from "node:path";
+import { createSecretStore, } from "auth-store";
+import { canonicalizeResourceIndicator } from "../resource-indicator.js";
+const DEFAULT_FILE_SALT = "poe-code:mcp-oauth:v1";
+const DEFAULT_FILE_DIRECTORY = ".poe-code/mcp-oauth";
+const DEFAULT_KEYCHAIN_SERVICE = "poe-code-mcp-oauth";
+const DEFAULT_CLIENT_FILE_SALT = "poe-code:mcp-oauth:clients:v1";
+const DEFAULT_CLIENT_FILE_DIRECTORY = ".poe-code/mcp-oauth/clients";
+const DEFAULT_CLIENT_KEYCHAIN_SERVICE = "poe-code-mcp-oauth-clients";
+export function createAuthStoreSessionStore(options = {}) {
+    return {
+        async load(resource) {
+            const store = createResourceSecretStore(resource, options);
+            const value = await store.get();
+            if (value === null) {
+                return null;
+            }
+            const parsed = JSON.parse(value);
+            if (typeof parsed === "object" && parsed !== null && !Array.isArray(parsed)) {
+                return parsed;
+            }
+            throw new Error("Stored OAuth session must be a JSON object");
+        },
+        async save(resource, session) {
+            const store = createResourceSecretStore(resource, options);
+            await store.set(JSON.stringify(session));
+        },
+        async clear(resource) {
+            const store = createResourceSecretStore(resource, options);
+            await store.delete();
+        },
+    };
+}
+export function createAuthStoreClientStore(options) {
+    return {
+        async load(issuer) {
+            const store = createIssuerSecretStore(issuer, options);
+            const value = await store.get();
+            if (value === null) {
+                return null;
+            }
+            const parsed = JSON.parse(value);
+            if (typeof parsed === "object"
+                && parsed !== null
+                && !Array.isArray(parsed)
+                && typeof parsed.clientId === "string") {
+                return parsed;
+            }
+            throw new Error("Stored OAuth client must be a JSON object with clientId");
+        },
+        async save(issuer, client) {
+            const store = createIssuerSecretStore(issuer, options);
+            await store.set(JSON.stringify(client));
+        },
+        async clear(issuer) {
+            const store = createIssuerSecretStore(issuer, options);
+            await store.delete();
+        },
+    };
+}
+function createNamedSecretStore(key, options, defaults) {
+    const hash = crypto.createHash("sha256").update(key).digest("hex");
+    const parsedFilePath = options.fileStore?.filePath === undefined ? null : path.parse(options.fileStore.filePath);
+    const fileStore = {
+        ...options.fileStore,
+        salt: options.fileStore?.salt ?? defaults.salt,
+        defaultDirectory: parsedFilePath?.dir ||
+            options.fileStore?.defaultDirectory ||
+            defaults.directory,
+        defaultFileName: parsedFilePath === null
+            ? `${hash}.enc`
+            : `${parsedFilePath.name}-${hash}${parsedFilePath.ext || ".enc"}`,
+    };
+    const keychainStore = {
+        ...options.keychainStore,
+        service: options.keychainStore?.service ?? defaults.service,
+        account: `${options.keychainStore?.account ?? defaults.accountPrefix}:${hash}`,
+    };
+    return createSecretStore({ ...options, fileStore, keychainStore }).store;
+}
+function createResourceSecretStore(resource, options) {
+    return createNamedSecretStore(canonicalizeResourceIndicator(resource), options, {
+        salt: DEFAULT_FILE_SALT,
+        directory: DEFAULT_FILE_DIRECTORY,
+        service: DEFAULT_KEYCHAIN_SERVICE,
+        accountPrefix: "provider",
+    });
+}
+function createIssuerSecretStore(issuer, options) {
+    return createNamedSecretStore(issuer, options, {
+        salt: DEFAULT_CLIENT_FILE_SALT,
+        directory: DEFAULT_CLIENT_FILE_DIRECTORY,
+        service: DEFAULT_CLIENT_KEYCHAIN_SERVICE,
+        accountPrefix: "issuer",
+    });
+}

package/node_modules/mcp-oauth/dist/client/authorization-state.d.ts

@@ -0,0 +1,8 @@
+export declare function createAuthorizationState(input: {
+    issuer: string;
+    requireIssuer: boolean;
+}): string;
+export declare function parseAuthorizationState(value: string | null): {
+    issuer: string;
+    requireIssuer: boolean;
+} | null;

package/node_modules/mcp-oauth/dist/client/authorization-state.js

@@ -0,0 +1,34 @@
+import crypto from "node:crypto";
+export function createAuthorizationState(input) {
+    const payload = {
+        v: 1,
+        n: crypto.randomBytes(16).toString("base64url"),
+        i: input.issuer,
+        r: input.requireIssuer,
+    };
+    return Buffer.from(JSON.stringify(payload), "utf8").toString("base64url");
+}
+export function parseAuthorizationState(value) {
+    if (value === null || value.length === 0) {
+        return null;
+    }
+    try {
+        const decoded = Buffer.from(value, "base64url").toString("utf8");
+        const parsed = JSON.parse(decoded);
+        if (parsed.v !== 1
+            || typeof parsed.n !== "string"
+            || parsed.n.length === 0
+            || typeof parsed.i !== "string"
+            || parsed.i.length === 0
+            || typeof parsed.r !== "boolean") {
+            return null;
+        }
+        return {
+            issuer: parsed.i,
+            requireIssuer: parsed.r,
+        };
+    }
+    catch {
+        return null;
+    }
+}

package/node_modules/mcp-oauth/dist/client/default-oauth-client-provider.d.ts

@@ -0,0 +1,3 @@
+import type { DefaultOAuthClientProviderOptions, OAuthClientProvider, OAuthClientProviderOptions } from "./types.js";
+export declare function createOAuthClientProvider(options: OAuthClientProviderOptions): OAuthClientProvider;
+export declare function createDefaultOAuthClientProvider(options: DefaultOAuthClientProviderOptions): OAuthClientProvider;